Add small csp test

Emyrk · Emyrk · commit 4f79fb678f1c · 2023-05-01T10:51:40.000-05:00
diff --git a/coderd/httpmw/csp_test.go b/coderd/httpmw/csp_test.go
@@ -1 +1,33 @@
 package httpmw_test
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+
+	"github.com/coder/coder/coderd/httpmw"
+)
+
+func TestCSPConnect(t *testing.T) {
+	t.Parallel()
+
+	expected := []string{"example.com", "coder.com"}
+
+	r := httptest.NewRequest(http.MethodGet, "/", nil)
+	rw := httptest.NewRecorder()
+
+	httpmw.CSPHeaders(func() []string {
+		return expected
+	})(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		rw.WriteHeader(http.StatusOK)
+	})).ServeHTTP(rw, r)
+
+	require.NotEmpty(t, rw.Header().Get("Content-Security-Policy"), "Content-Security-Policy header should not be empty")
+	for _, e := range expected {
+		require.Containsf(t, rw.Header().Get("Content-Security-Policy"), fmt.Sprintf("ws://%s", e), "Content-Security-Policy header should contain ws://%s", e)
+		require.Containsf(t, rw.Header().Get("Content-Security-Policy"), fmt.Sprintf("wss://%s", e), "Content-Security-Policy header should contain wss://%s", e)
+	}
+}
